What type of data is typically stored using Docker secrets?

Docker secrets are specifically designed to manage sensitive data such as API keys, passwords, and tokens securely within a Docker swarm. The primary goal of using Docker secrets is to keep this sensitive information out of the source code and configuration files, thus minimizing the risk of exposure in the plaintext format. When a secret is created in Docker, it is stored in the swarm manager and can be used by services in the swarm without being exposed to the system directly. This approach ensures that only the services that require access can retrieve the secrets, enhancing security.

The other types of data mentioned, such as configuration files and source code, do not fall under the specific use case for secrets. Configuration files might contain sensitive information but are generally not managed as Docker secrets. Similarly, source code, while it may house sensitive information inadvertently, is not specifically designed for policy-controlled access to secrets. Container images represent the deployed application and its dependencies, but again, they do not serve the purpose of securely handling sensitive data like passwords and API keys do.